Sicial Engineering Flashcards

1
Q

List the 6 main types of motivational triggers

A
  • Authority
  • Urgency
  • Social Proof
  • Fear
  • Scarcity
  • Likeability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is meant by social proof

A

Psychological phenomenon where individuals look to the behaviors and actions of others to determine their own decisions or actions in similar situations 1/6 motivational triggers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is meant by scarcity

A

Psychological pressure people feel when they believe a product, opportunity, or resource is limited or in short supply

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Mention 3 forms of likeability

A
  • Sexual Attraction
  • Pretending to be a friend
  • Common Interest
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the 4 main forms of impersonation used by attackers ?

A
  • Impersonation
  • Brand Impersonation
  • Typosquatting
  • Watering Hole Attacks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How can you mitigate impersonation?

A

Organizations must provide security awareness training to their employees on a regular basis so that they remain vigilant against future attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are ways you can protect against brand impersonation?

A

○ Educate their users about these types of threats
○ Use secure email gateways to filter out phishing emails
○ Regularly monitor their brand’s online presence to detect any fraudulent activities as soon as they occur

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is known as typo-squatting?

A

Also known as URL hijacking or cybersquatting, refers to a cyber attack where an attacker will register a domain name that is similar to a popular website but contain some kind of common typographical errors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How can an organisation combat typo squatting?

A

○ Register common misspellings of their own domain names
○ Use services that monitor for similar domain registrations
○ Conduct user security awareness training to educate users about the risks of typosquatting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are Watering Hole Attacks?

A

Targeted form of cyber attack where attackers compromise a specific website or service that their target is known to use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How can an organisation mitigate watering hole attacks?

A

○ Keep their systems and software updated
○ Use threat intelligence services to stay informed about new threats
○ Employ advanced malware detection and prevention tools

How well did you know this?
1
Not at all
2
3
4
5
Perfectly